From 7b4d38c6cc95df1301945cd0e63fdf927189e2c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?=
Date: Tue, 6 Nov 2018 10:54:38 +0100
Subject: ssl: Change defaults for "supported_groups"

Removed strongest Diffie-Hellman groups from defaults (ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192) in order to reduce the time spent with calculating the keys for the key_share extension.

Change-Id: I1cc1914ea4c5093f694989b0153c1bd1c8840eef
---
 lib/ssl/src/ssl.erl | 11 +++++++++--
 lib/ssl/src/tls_v1.erl | 11 ++++++++++-
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 524f06d52e..df5628b236 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -51,7 +51,7 @@
 %% SSL/TLS protocol handling
 -export([cipher_suites/0, cipher_suites/1, cipher_suites/2, filter_cipher_suites/2, prepend_cipher_suites/2, append_cipher_suites/2,
- eccs/0, eccs/1, versions/0, groups/0,
+ eccs/0, eccs/1, versions/0, groups/0, groups/1,
 format_error/1, renegotiate/1, prf/5, negotiated_protocol/1, connection_information/1, connection_information/2]).
 %% Misc
@@ -584,6 +584,13 @@ eccs_filter_supported(Curves) ->
 groups() -> tls_v1:groups(4).
+%%--------------------------------------------------------------------
+-spec groups(default) -> tls_v1:supported_groups().
+%% Description: returns the default groups (TLS 1.3 and later)
+%%--------------------------------------------------------------------
+groups(default) ->
+ tls_v1:default_groups(4).
+
 %%--------------------------------------------------------------------
 -spec getopts(#sslsocket{}, [gen_tcp:option_name()]) -> {ok, [gen_tcp:option()]} | {error, reason()}.
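Review bot: The `%% Description:` line above the new `groups(default)` clause in ssl.erl does not say how the result differs from `groups/0`, although `groups/1` is now exported and, per the `handle_options/3` hunk, supplies the value used when `supported_groups` is not given. I would make that explicit, e.g. `%% Description: returns the groups used when the supported_groups option is not set (TLS 1.3 and later)`. The literal `4` handed to `tls_v1:default_groups/1` mirrors `groups/0`; if it stands for the TLS 1.3 minor version, a short comment saying so would help.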
@@ -988,7 +995,7 @@ handle_options(Opts0, Role, Host) ->
 eccs = handle_eccs_option(proplists:get_value(eccs, Opts, eccs()), HighestVersion), supported_groups = handle_supported_groups_option(
- proplists:get_value(supported_groups, Opts, groups()),
+ proplists:get_value(supported_groups, Opts, groups(default)),
 HighestVersion), signature_algs = handle_hashsigns_option(
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl
index 68ba598612..5665f5310e 100644
--- a/lib/ssl/src/tls_v1.erl
+++ b/lib/ssl/src/tls_v1.erl
@@ -34,7 +34,7 @@
 ecc_curves/1, ecc_curves/2, oid_to_enum/1, enum_to_oid/1, default_signature_algs/1, signature_algs/2, default_signature_schemes/1, signature_schemes/2,
- groups/1, groups/2, group_to_enum/1, enum_to_group/1]).
+ groups/1, groups/2, group_to_enum/1, enum_to_group/1, default_groups/1]).
 -export([derive_secret/4, hkdf_expand_label/5, hkdf_extract/3, hkdf_expand/4]).
@@ -561,6 +561,11 @@ groups(all) ->
 ffdhe4096,
 ffdhe6144,
 ffdhe8192];
+groups(default) ->
+ [secp256r1,
+ secp384r1,
+ secp521r1,
+ ffdhe2048];
 groups(Minor) ->
 TLSGroups = groups(all),
 groups(Minor, TLSGroups).
@@ -571,6 +576,10 @@ groups(_Minor, TLSGroups) ->
 CryptoGroups = crypto:ec_curves() ++ [ffdhe2048,ffdhe3072,ffdhe4096,ffdhe6144,ffdhe8192], lists:filter(fun(Group) -> proplists:get_bool(Group, CryptoGroups) end, TLSGroups).
+default_groups(Minor) ->
+ TLSGroups = groups(default),
+ groups(Minor, TLSGroups).
+
 group_to_enum(secp256r1) -> 23;
 group_to_enum(secp384r1) -> 24;
 group_to_enum(secp521r1) -> 25;
-- cgit v1.2.3
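Review bot: Switching the fallback in `handle_options/3` to `groups(default)` leaves ffdhe2048 as the only finite-field group in the new default list, and the code carries no comment recording that this is a deliberate trade of group strength for handshake time. A peer that accepts only ffdhe3072 or larger would presumably no longer share a group with an endpoint running on defaults, so the `supported_groups` documentation should name the default list and say how to add the larger groups back. Above the new clause in tls_v1.erl (the `@@ -561,6 +561,11 @@` hunk) I would add `%% Defaults omit ffdhe3072..ffdhe8192 to keep key_share generation cheap; pass supported_groups to offer them.` Both `handle_options/3` and `groups/1` continue outside the hunks shown.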
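Review bot: `default_groups/1` in the last tls_v1.erl hunk is exported without a `-spec`, although `ssl:groups/1` already declares `tls_v1:supported_groups()` as the type of the value it returns from it. Adding `-spec default_groups(Minor :: integer()) -> supported_groups().` (argument type to be confirmed against the existing spec of `groups/1`) would keep Dialyzer coverage in step with the caller. The hunk header also shows `groups(_Minor, TLSGroups)` ignoring its first argument, so `Minor` appears to have no effect on the result at present; a short comment saying so would spare the next reader the search.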